Posted
by
samzenpus
on Wednesday June 15, 2011 @04:42PM
from the poking-the-bear dept.

Revotron writes "Anonymous hacker group LulzSec has begun to harness the power of the crowd in their latest griefing attempts. After a day of numerous DDoS attacks on a handful of famous MMOs, LulzSec's phone lines lit up with an estimated 20 calls per second. Using a fairly simple phone redirect, they sent all of their incoming calls to various offices, among them the FBI office in Detroit, Blizzard Customer Support, online retailer Magnets.com, and most recently, the corporate offices of HBGary."Update: It looks like they also brought down the CIA website tonight, but it is up now.

And exactly what purpose is that? Launching indiscriminate DDOS attacks are child's play since almost everyone is vulnerable to this type of attack. The only purpose they are serving is to give the government more reasons to start trying to take control of content and access. These guys are nothing when compared against those responsible for Stuxnet. Now that required some intelligence and also served a good purpose.

[...] but something tells me that these guys are contracted by the government because supporters of the Patriot Act are thinning in numbers.

That people may take advantage of a situation is not evidence that they are responsible, directly or indirectly, for that situation. Politicians are, if anything, opportunistic. Also, it's not like there's never been a group of assholes on the Internet making trouble for a bunch of people.

I believe this is the first time, on the internet or otherwise, that someone implied that I was racist after taking a completely unrelated statement out of context. I implore you to read more than half of my sentence.

I believe this is the first time, on the internet or otherwise, that someone implied that I was racist after taking a completely unrelated statement out of context.

X0563511 got it. If you don't want to sound like X, then just don't say the thing that you think will make you sound like X. If you're going to make the statement anyway, spare us the useless preface and either 1) expend a little effort to support your claim, or 2) accept your outward appearance.

I implore you to read more than half of my sentence.

And here I thought that my response to that other half of your sentence would have been sufficient evidence of my having done as you suggested. Ignoring evidence? Conjuring up fantasies? Nope; not a tinfoil hatter a

You definitely do. Tangentially linking the two things because they're related is the nature of tinfoil-hat thinking.

A good way to examine whether a theory is nutty or serious is to think about the end you're purporting the government is trying to achieve, and think of the best and simplest way they could achieve that. In this instance, a far better thing to do would be to tout a how authorities narrowly thwarted a major attack on a well-known, beloved landmark, and toss in a detail or two about wireta

I don't want to sound like a tinfoil hatter (even if I do), but something tells me that these guys are contracted by the government because supporters of the Patriot Act are thinning in numbers.

LulzSec has been rapidly escalating its campaigns since the legislation has been passed. It was not on anyone's radar during the debate in Congress.

May 27, 2011:

Overcoming objections from a bipartisan clutch of libertarian-minded lawmakers, the legislation passed the Senate, 72 to 23, and the House, 250 to 153.

Senator Rand Paul won a small battle with his opposition to the Patriot Act by reaching a deal with Congressional leadership to add votes on two amendments, one of which would exempt some gun records from government searches.

That was the score late Thursday afternoon following Senate Majority Leader Harry Reid's (D-Nev.) announcement that after days of grueling debate over the renewal of three key Patriot Act provisions, Senate leaders had reached a deal on allowing votes on two amendments proposed by Sen. Rand Paul (R-Ky.).

Under the agreement, announced less than nine hours before the law currently extending the Patriot Act provisions was to expire, the Senate would vote on two amendments proposed by Paul: one that would limit "suspicious activity" reporting requirements under the Act to requests from law enforcement agencies, and another -- the one that had seen the greatest opposition from Reid -- that would exempt certain gun records from being searched under the counterterrorism surveillance law.

The victory for Paul wasn't so much that either of his amendments would pass -- in fact, both fell well short of the 60-vote threshold necessary for approval, with the gun-rights amendment receiving the support of only 10 senators.

Rather, it was that after days of vowing to block the passage of the Patriot Act extension -- even at the risk of missing Thursday's deadline -- Paul, a tea-party freshman who has served in the Senate for less than five months, was granted votes on his two amendments.

It makes perfect sense. They're children, looking for attention. And they're getting tons of it. I wouldn't go so far as to say news outlets should stop reporting on it, as that gets into censorship territory, and it IS newsworthy to a point, and yet if they knew that the only ones paying any attention to them were law enforcement, and the only reason they hadn't gotten caught yet is because they're waiting to collect enough evidence to ensure the sentences last multiple decades... maybe it would stop all on its own.

As for being out of reach, NOBODY is out of reach. Even if a country is unlikely to allow extradition, consider the fact that if some small country was causing an abnormal amount of grief for the rest of the world, surrounding allies might consider cutting off all internet access to prevent it. Just something to consider.

That will be their name after Homeland Security tosses them in prison. It's not rocket science. Fuck with corporations, they pay politicians, laws get passed, profit. Fuck with the US Senate, the FBI, they _find_ you. And you know very well the US doesn't care about jurisdiction.

I do not think justice has ever been a goal. They are in it for the lulz. The way to attract their attention is to complain about what they're doing. I'm amused, but have no feeling that much of what they're doing is morally justified in any way. I will be similarly amused (and a bit impressed) if they're caught.

But both actions are illegal and look at the sentence Mitnick got handed and this was back in time before the Internet was on any governments priority list. The laws and sentences have been increasing rapidly since then with little or no complaints from anyone except those who get caught.

You're entirely missing the point with Mitnick - he was held without trial for an unreasonable amount of time: four and a half years. He was deemed a "threat" to global security (literally, a judge said he could "start a nuclear war by whistling into a pay phone"). Yea, it's absurd, we all knew it, and that's why people rallied behind Mitnick. Not because they just arrested a hacker.

Not to mention that these are large scale attacks intended to piss people off and cripple systems. Mitnick just gained a

At what point did Mitnick take down any network you were trying to use for fun or profit?

Mitnick was also a real hacker -- he could tweak code to serve him without being detected most of the time.

From a criminal perspective:Lulzsec: breaking someone's house down with a rocket launcherMitnick: sneaking past your security system in broad daylight and memorizing your diary then getting out without leaving fingerprints

Watching other peoples' lives and work blow up might be fun, but both irresponsible and immatu

Social engineering is just as viable and acceptable a tactic as any. It can also save time if the targets are fooled easily enough, like with HBGary:
Cracker: What's the password?
Local Sys Admin: Imadoofus
Cracker: K thx. cracks system wide open

So screwing over WOW players trying to get customer support is now "justice"? What a bunch of wankers.

Can we stop giving these jokers the attention they crave for every little idiotic stunt they pull? Every 10th story seems to be about LulzSec. I'm not really sure it's even news anymore. These guys are like internet trolls and will continue until they either don't get the attention they want or they get their asses arrested.

Frankly, with the latest series of indiscriminate attacks it's starting to look less like griefers run amok and more like false-flag psyops run to reduce support for hacktivism through guilt-by-association and create fertile grounds for some new draconian legislation.

LulzSec's disabling of the CIA's website [cia.gov] (CIA.gov) is currently being discussed on ZeroHedge:
LulzSec Takes Down Cia.gov [zerohedge.com]
One thing is certain. The crackers in LulzSec are damned good, OR they have considerable "inside" help at the CIA and FBI. Or BOTH!!

Or the CIA doesn't use the public facing web server for anything important, so they didn't bother securing it very well.

In fact, they probably set it up this way on purpose with an eye towards attracting interesting targets to their honey pot [wikimedia.org]. It's a cheap and effective method when compared to other forms of surveillance and the CIA need only spend minimal effort and resources to promote their honey pot where desirable targets are likely to find it and follow up on any promising leads.

Attacking people with the resources to find and make you disappear is stupid.

You know that moment in a super hero movie where the idiot bad guy says something insulting to the hero and you know he's going to get his backside handed to him six ways from Sunday? Lulzsec just did the insult bit.

What "civil liberties" are you worried about losing? I'm not aware of any that explicitly grant you the ability to phone-bomb some organization. Are you still pissed that you cannot send spam faxes to people?

What "civil liberties" are you worried about losing? I'm not aware of any that explicitly grant you the ability to phone-bomb some organization. Are you still pissed that you cannot send spam faxes to people?

How about legislation that requires telephony providers to provide call detail and subscriber records to law enforcement on demand?

It's not generally the offense that's the problem, it's the investigative techniques involved. Nobody had an issue with the NSA investigating terrorism, but most of us have a problem when they claim to need warrantless wiretaps and the CIA need for black sites to do interrogations.

It's not generally the offense that's the problem, it's the investigative techniques involved. Nobody had an issue with the NSA investigating terrorism, but most of us have a problem when they claim to need warrantless wiretaps and the CIA need for black sites to do interrogations.

And with these already [wikipedia.org] happening [wikipedia.org], what exactly other liberties are lost?

What "civil liberties" are you worried about losing? I'm not aware of any that explicitly grant you the ability to phone-bomb some organization.

How about the liberty to build software [slashdot.org]? You must be pretty naive to not see the connection between threat and legislative response, between legislation and executive power, between power and government encroachment, and between encroachment and abuse*. Try reading a wide variety of news sources for 1 or 2 years and you'll wise up.

I am not a political theorist by any means, but I'll take a swing at this
The US concept of "inherent rights" derives from the philosophies of Enlightenment-era philosophers such as Thomas Hobbes, John Locke, and Thomas Paine. Wikipedia has a pretty good article natural rights vs legal rights here: http://en.wikipedia.org/wiki/Natural_and_legal_rights [wikipedia.org]

In US political theory, the Declaration of Independence carries a significant amount of weight, because it publicly stated on what philosophical and moral g

I'm pretty sure that's he's not worried about losing his right to phone-bomb. Rather, he's worried about the fact that the authorities will be allowed to tap his phone, access his computer and arrest him all without a shred of evidence and because they think that he *might* be doing something illegal like.

What "civil liberties" are you worried about losing? I'm not aware of any that explicitly grant you the ability to phone-bomb some organization.

The problem is not what is being legislated against, but how it is legislated. Are you unfamiliar with government thinking in cases like these?

"This phone-bombing was performed by unidentified people with a phone line, therefore we shall make it illegal to use a phone without first routing it through a government controlled call-centre and informing it who you are, where you are, who you are going to phone, and for what reason. Problem solved. The innocent have nothing to fear. Anyone complaining their civil liberties are being removed must have something to hide."

This plays well for the conspiratorial: the government is behind LulzSec. People get their panties in a bunch about LulzSec antics and the government looks like they're doing the right thing by increasing monitoring, restricting access, etc. Although I think the government might come up with a better false flag if it really wants to tighten the screws.

"Back when I was young, the Internet was free and open. We had anonymity and could be anyone we wanted. Then these idiots screwed it up for everyone, and in the name of a few lulz, destroyed our future possibilities. That's why you have to use your citizen card to access the library Internet."

Isn't this along the same line as causing a traffic jam at a busy intersect just to say hay you should have a police officer watching every traffic corner?Maybe I'm missing the point but mostly they just seem to cause petty disturbances. Are they trying to make it so companies have to weigh every new venture they role out with the thought of risk vs reward?I always wanted to be a person who achieves something not someone that goes over to the next guys sand castle and kicks it down and says damn should have made that sucker hurricane proof. Better luck next time.

I'm just surprised these guys don't naturally just turn on each other over time.

Does anyone honestly believe that LulzSec is anything other that some government agency. They're clearly trying to piss off the general public... and to what purpose? Support for some key upcoming regulatory changes to the internet?

Either these guys are fucked and we are about to get rammed with legislation, or the government is pulling this off and we are about to get rammed with legislation. Either way the general public takes the red white and blue schwanze in the end.

The Sony hacks illustrated just how exposed our data is; the treasure trove of personal data sitting out there for the EASY taking by real criminals is a disaster waiting to happen on an unprecedented scale. I'd rather a group like Lulz go around poignantly dispelling our notions of information security rather than have actual identity thieves take on the mantle of a wake up call themselves. I applaud their point: if you can't even stop people compromising systems for laughs, you'll never be able to stop those who are doing so for profit.

"Why would that be helpful? It would give them a chance to pull their pants up and not be exposed to the world, which is the entire point?"
Outing them does more harm to the users than it does to the company. Shaming would be an valid option if the company was warned of a vulnerability and did not fix the problem in a timely manner.
"You have to publicly shame these companies due if the company was informed of the vulnerability and firms into taking security seriously"
How do you know the are not taken s

When a guy breaks into your house and steals your belongings, "Hey, he had a lousy alarm system and was gone over Labor Day Weekend, he was asking for it!"

A rapist: "She was wearing a provocative outfit! Anyone could see that she was asking for it".

Now these script kiddies: "Hey, we broke in and found plaintext! Sony was asking for it."

Same logic. "It's not my fault, you did not prevent me from committing a crime so it is your fault. I am not responsible for my criminal actions, you are. You are also responsible for the third-parties I hurt because you did not adequately prevent me from doing it".

The NSA was all over signals intelligence. The basic intelligence failure of 9/11 was human intelligence. We moved so far away from useful human intel the we were easy to blindside, mostly because, by executive order, the CIA stopped employing "bad people" as sources. Idealistic, but not very practical, and the best crypto skills in the world don't help much against plotters who never use electronics for planning.

They'll just declare them a terrorist and then use rendition to ship them somewhere from anywhere, or if they're in the UK then the UK government will just roll over and ship them to the USA before asking "so what did you want them for?"

Interfering with someone else's electronics is in fact a serious crime in most places. The Internet is primarily privately run these days, so you might find it strange but private companies' resources being misused is not the same as dancing like an idiot in a public park. Its a direct assault on private property, like your examples.